[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Tue Dec 10 04:42:03 2019 Date Range Processed: yesterday ( 2019-Dec-09 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [213:214] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 2 sites probed the server 62.210.77.54 66.240.205.34 Requests with error response codes 400 Bad Request /socket.io/?noteId=AwS&EIO=3&transport=pol ... VbufFux9drwAAf8: 3 Time(s) /socket.io/?noteId=AwS&EIO=3&transport=pol ... b-r3UyW1bIdAAf4: 3 Time(s) null: 3 Time(s) /: 2 Time(s) /manager/html: 1 Time(s) /manager/text/list: 1 Time(s) mstshash=Administr: 1 Time(s) 403 Forbidden /resolutionen/: 1 Time(s) /resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s) 404 Not Found /robots.txt: 35 Time(s) /berlin/apple-touch-icon.png: 6 Time(s) /wp-login.php: 2 Time(s) /ads.txt: 1 Time(s) /reader/2016_SoSe_Konstanz_kurz.pdf%7CReader: 1 Time(s) /reader/2016_sose_konstanz_lang.pdf: 1 Time(s) /resolutionen/sose17/symptompflicht/PosPapier_: 1 Time(s) /resolutionen/sose18/Pruefungsanmeldung/reso_: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) /verein%7CZaPF: 1 Time(s) /verein/satzung/%7CSatzung: 1 Time(s) /wp-content/themes/sketch/404.php: 1 Time(s) /zapf/reader/%7CTagungsreader: 1 Time(s) /zapf/resolutionen/%7D%7Bwww.zapfev.de/zapf/resolutionen%7D: 1 Time(s) 500 Internal Server Error /: 23 Time(s) /robots.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (222.186.190.92): 60 Time(s) root (222.186.175.183): 48 Time(s) root (222.186.180.8): 42 Time(s) root (222.186.180.9): 40 Time(s) root (222.186.175.167): 38 Time(s) root (222.186.173.238): 36 Time(s) root (222.186.175.155): 36 Time(s) root (222.186.175.202): 36 Time(s) root (222.186.175.220): 36 Time(s) root (218.92.0.212): 35 Time(s) root (222.186.175.150): 35 Time(s) root (222.186.173.154): 30 Time(s) root (222.186.175.140): 30 Time(s) root (222.186.175.154): 30 Time(s) root (222.186.175.181): 30 Time(s) root (222.186.175.217): 30 Time(s) root (49.88.112.55): 30 Time(s) root (222.186.173.226): 29 Time(s) root (222.186.175.147): 27 Time(s) root (218.92.0.148): 25 Time(s) root (218.92.0.165): 24 Time(s) root (222.186.169.192): 24 Time(s) root (222.186.173.180): 24 Time(s) root (222.186.175.161): 24 Time(s) root (222.186.180.223): 24 Time(s) root (222.186.42.4): 24 Time(s) root (218.92.0.175): 23 Time(s) root (222.186.175.215): 23 Time(s) root (112.85.42.172): 20 Time(s) root (218.92.0.170): 19 Time(s) root (218.92.0.135): 18 Time(s) root (218.92.0.178): 18 Time(s) root (222.186.173.142): 18 Time(s) root (222.186.173.215): 18 Time(s) root (222.186.180.6): 18 Time(s) root (222.186.190.2): 18 Time(s) root (49.88.112.59): 18 Time(s) root (49.88.112.64): 18 Time(s) root (218.92.0.158): 17 Time(s) root (218.92.0.164): 17 Time(s) root (218.92.0.172): 17 Time(s) root (218.92.0.131): 13 Time(s) root (112.85.42.181): 12 Time(s) root (218.92.0.134): 12 Time(s) root (222.186.173.183): 12 Time(s) root (222.186.175.148): 12 Time(s) root (222.186.175.151): 12 Time(s) root (222.186.175.169): 12 Time(s) root (222.186.175.212): 12 Time(s) root (222.186.180.41): 12 Time(s) root (112.85.42.174): 11 Time(s) root (222.186.175.182): 11 Time(s) root (112.85.42.173): 10 Time(s) root (112.85.42.182): 10 Time(s) root (49.88.112.62): 9 Time(s) root (112.85.42.178): 6 Time(s) root (218.92.0.139): 6 Time(s) root (218.92.0.141): 6 Time(s) root (218.92.0.179): 6 Time(s) root (218.92.0.181): 6 Time(s) root (222.186.175.163): 6 Time(s) root (222.186.180.17): 6 Time(s) root (49.88.112.58): 6 Time(s) root (61.177.172.128): 6 Time(s) root (112.85.42.175): 5 Time(s) root (112.85.42.180): 5 Time(s) root (222.186.169.194): 4 Time(s) unknown (171.247.103.127): 4 Time(s) unknown (171.251.22.179): 3 Time(s) root (121.165.33.239): 2 Time(s) unknown (121.165.33.239): 2 Time(s) unknown (27.69.242.187): 2 Time(s) unknown (41.193.122.77): 2 Time(s) unknown (host-81-190-155-228.dynamic.mm.pl): 2 Time(s) unknown (mittal.steel.806588-252.bih.net.ba): 2 Time(s) unknown (s559456f9.adsl.online.nl): 2 Time(s) root (111.59.93.76): 1 Time(s) root (178.150.191.135): 1 Time(s) root (212.34.246.73): 1 Time(s) root (218.92.0.155): 1 Time(s) root (27.69.242.187): 1 Time(s) root (41.189.225.214): 1 Time(s) unknown (103.2.132.112): 1 Time(s) unknown (103.252.26.62): 1 Time(s) unknown (103.41.97.101): 1 Time(s) unknown (117.96.196.198): 1 Time(s) unknown (123.21.76.99): 1 Time(s) unknown (13.67.34.174): 1 Time(s) unknown (14.174.77.239): 1 Time(s) unknown (145.249.105.204): 1 Time(s) unknown (176.28.117.66): 1 Time(s) unknown (179.226.213.198): 1 Time(s) unknown (190.148.39.232): 1 Time(s) Invalid Users: Unknown Account: 30 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 4 Miscellaneous warnings 17.791K Bytes accepted 18,218 17.791K Bytes sent via SMTP 18,218 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 5 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 5 Total 4xx Rejects 100.00% ======== ================================================== 30 Connections 24 Connections lost (inbound) 30 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Timeouts (inbound) 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 225 Time(s) Failed logins from: 27.69.242.187 (localhost): 1 time 41.189.225.214: 1 time 49.88.112.55: 30 times 49.88.112.58: 6 times 49.88.112.59: 18 times 49.88.112.62: 9 times 49.88.112.64: 18 times 61.177.172.128: 6 times 111.59.93.76: 1 time 112.85.42.172: 20 times 112.85.42.173: 10 times 112.85.42.174: 11 times 112.85.42.175: 5 times 112.85.42.178: 6 times 112.85.42.180: 5 times 112.85.42.181: 12 times 112.85.42.182: 10 times 121.165.33.239: 2 times 178.150.191.135 (135.191.150.178.triolan.net): 1 time 212.34.246.73 (host-73.246.34.212.ucom.am): 1 time 218.92.0.131: 13 times 218.92.0.134: 12 times 218.92.0.135: 18 times 218.92.0.139: 6 times 218.92.0.141: 6 times 218.92.0.148: 28 times 218.92.0.155: 3 times 218.92.0.158: 17 times 218.92.0.164: 17 times 218.92.0.165: 24 times 218.92.0.170: 23 times 218.92.0.172: 17 times 218.92.0.175: 23 times 218.92.0.178: 18 times 218.92.0.179: 6 times 218.92.0.181: 6 times 218.92.0.212: 35 times 222.186.42.4: 24 times 222.186.169.192: 24 times 222.186.169.194: 6 times 222.186.173.142: 18 times 222.186.173.154: 30 times 222.186.173.180: 24 times 222.186.173.183: 12 times 222.186.173.215: 18 times 222.186.173.226: 29 times 222.186.173.238: 36 times 222.186.175.140: 30 times 222.186.175.147: 30 times 222.186.175.148: 12 times 222.186.175.150: 35 times 222.186.175.151: 12 times 222.186.175.154: 30 times 222.186.175.155: 36 times 222.186.175.161: 24 times 222.186.175.163: 6 times 222.186.175.167: 42 times 222.186.175.169: 12 times 222.186.175.181: 30 times 222.186.175.182: 11 times 222.186.175.183: 48 times 222.186.175.202: 36 times 222.186.175.212: 12 times 222.186.175.215: 23 times 222.186.175.217: 30 times 222.186.175.220: 36 times 222.186.180.6: 18 times 222.186.180.8: 42 times 222.186.180.9: 40 times 222.186.180.17: 6 times 222.186.180.41: 12 times 222.186.180.223: 24 times 222.186.190.2: 18 times 222.186.190.92: 60 times Illegal users from: undef: 10 times 13.67.34.174: 1 time 14.174.77.239 (static.vnpt.vn): 1 time 27.69.242.187 (localhost): 3 times 41.193.122.77: 2 times 80.65.88.252 (mittal.steel.806588-252.bih.net.ba): 2 times 81.190.155.228 (host-81-190-155-228.dynamic.mm.pl): 2 times 85.148.86.249 (s559456f9.adsl.online.nl): 2 times 103.2.132.112 (node-103-2-132-112.alliancebroadband.in): 1 time 103.41.97.101: 1 time 103.252.26.62: 1 time 117.96.196.198 (abts-tn-static-198.196.96.117.airtelbroadband.in): 1 time 121.165.33.239: 2 times 123.21.76.99: 1 time 145.249.105.204: 1 time 171.247.103.127 (dynamic-ip-adsl.viettel.vn): 4 times 171.251.22.179 (dynamic-adsl.viettel.vn): 3 times 176.28.117.66: 1 time 179.226.213.198 (179-226-213-198.user.vivozap.com.br): 1 time 190.148.39.232 (232.39.148.190.static.intelnet.net.gt): 1 time **Unmatched Entries** fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 6 time(s) fatal: no matching cipher found: client aes128-cbc,blowfish-cbc,3des-cbc server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 61 time(s) error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################